Using MSSPs to Secure SD-WAN

It’s been said that a rising tide lifts all boats. It turns out, however, that it doesn’t lift them all at the same time. Boats way in the back of the harbor, a little higher up on the shore, tend to have to wait a bit longer for the tide to reach them. In networking terms, those boats are just a bit beyond the reach of the first waves of the incoming tide of digital transformation.

While networks have been in transition for the past few years, traditional connectivity comes with its own set of obstacles. Mainly because it has historically relied on a static infrastructure of connectivity, devices, and strategies that struggle to accommodate or adapt to the sort of elasticity that temporary resource allocation and dynamic workloads require.

That is, until software-defined wide-area networking (SD-WAN) came along.

One of the core market disrupters of SD-WAN is its inherent network-agnostic trait. Say you have a 4G boat, a broadband boat, and a MPLS boat — all in different bodies of water and tributaries. SD-WAN is a tide that will lift them all. SD-WANs are an essential building block in the digital transformation of today’s organizations. It is not only able to dynamically distribute traffic across multiple locations while automatically responding to changing application policies, it is also transport and carrier-agnostic. Which means that there are alternatives to MPLS with more options for connectivity, allowing time and cost-saving functions such as intelligent path selection to be enabled.

While SD-WAN solves agnostic connectivity and efficiency issues, security still needs to be addressed. A change to any network architecture also tends to change the nature of the attack surface. While SD-WAN has some basic security functions built in — and advanced security such as a next generation firewall (NGFW), which typically run in parallel to SD-WAN — combining security and SD-WAN can provide a powerful advantage. According to Gartner, by 2020, 60 percent of digital businesses will suffer major service failures due to the inability of IT security teams to manage digital risk.

The challenge is that many traditional security solutions will struggle to adapt to today’s dynamic, virtualized, and highly elastic environments, including SD-WAN. As a result, SD-WAN security solutions need to be:
Seamlessly integrated into the SD-WAN infrastructure.

Simple to deploy, manage, and maintain. There are often few technical resources available out at the edges where SD-WAN connects them to the rest of the network.

Cost-effective, so organizations can afford to deploy security everywhere to close any gaps in protection.

Powerful enough to meet the performance demands of today’s connectivity standards for applications and users, including such things as encryption and exponentially growing data volumes.

Intelligent enough to protect against the latest advanced, targeted threats.

For many organizations, making this transition will be time-consuming and require extensive testing and validation. Many IT teams are already overextended in managing new paradigms such as SDN, mobility, and cloud-based infrastructures and services, making the transition to secure SD-WAN daunting.

Which is why managed security service providers (MSSP) play a critical role in making the potential of SD-WAN a reality.

MSSPs are ideally positioned to provide solutions that address the inherent volatility of digitally transforming the remote edges of the network. Comprehensive SD-WAN solutions need to not only simplify connectivity but also protect the expanding attack surface, deal with emerging threats and detect and mitigate breaches, all while also enabling agility and transformation.

Because of growing security challenges and related skills shortages being experienced by organizations implementing SD-WAN, they should look to MSSPs to help with their transition. Many MSSPs are already building a security practice around SD-WAN, making them uniquely positioned to help.

Networks today require a fully integrated security strategy that extends transparent visibility across the entire attack surface, including out to their remote devices, users, and offices — regardless of the communications and connectivity protocols they use — and then ties them back into an integrated security system that provides advanced prevention, detection, and remediation.

MSSPs are positioned to provide and manage such a holistic solution. New approaches and technologies, such as the integrated security fabric, can be deployed cost-effectively, be self-provisioned, can use automation to see and respond to threats anywhere at digital speeds and adapt to dynamic network and workflow changes.

Industry analysts and competitive realities are driving companies toward digital transformation at a rapid pace, enabling them to convert their distributed resources into a cost-effective, integrated network. MSSPs are in the enviable position of being able to provide innovative solutions through a comprehensive set of managed cybersecurity services. It’s imperative to support and protect essential new technologies like SD-WAN that are being adopted as part of today’s complex, elastic and highly distributed network environments.

Those MSSPs that can offer a flexible and comprehensive suite of foundational and advanced network security and security-as-a-service options — that not only protect what exists but that can also adapt to emerging, yet to be seen concerns — will have a bright future in the new digital marketplace.

CONTRIBUTED ARTICLE DISCLAIMER

Statements and opinions expressed in articles, reviews and other materials herein are those of the authors; not the editors and publishers.

While every care has been taken in the selection of this information and reasonable attempts are made to present up-to-date and accurate information, SDxCentral, LLC cannot guarantee that inaccuracies will not occur. SDxCentral will not be held responsible for any claim, loss, damage or inconvenience caused as a result of any information within this site, or any information accessed through this site.

The content of any third party web site which you link to from the SDxCentral site are entirely out of the control of SDxCentral, and you proceed at your own risk. These links are provided purely for your convenience. They do not imply SDxCentral's endorsement or association. The copyright and any other intellectual property right any third party content belongs to the author and/or other applicable third party.

Matt Pley is the vice president of Carrier & Service Provider Group for Fortinet. He has worked for the company since 2008, when he began as the sales director of the group. Previously, Pley served as the global account manager for Check Point.

About SDxCentral

Engage With us

This material may not be copied, reproduced, or modified in whole or in part for any purpose except with express written permission from an authorized representative of SDxCentral, LLC. In addition to such written permission to copy, reproduce, or modify this document in whole or part, an acknowledgement of the authors of the document and all applicable portions of the copyright notice must be clearly referenced. All Rights Reserved.

Please enter your Business Email to view this asset:

We are requesting you provide a valid business, education, non-profit or government email address not from free or temporary email providers or ISPs. If you feel that our filters are incorrectly disallowing your email, please contact us at support@sdxcentral.com.